add 'kbytes' field to interval_statistics

code_boost/src/cxx/pcap_processor.cpp

@@ -138,6 +138,7 @@ void pcap_processor::collect_statistics() {
         std::cout << "Aidmar: Interval duration:" << timeInterval_microsec << std::endl;        
         //int pktsInterval = 1000;        
         int previousPacketCount = 0;
+        float previousSumPacketSize = 0;
         
         // Iterate over all packets and collect statistics
         for (; i != sniffer.end(); i++) {
@@ -151,10 +152,11 @@ void pcap_processor::collect_statistics() {
             std::chrono::microseconds currentCaptureDuration = lastPktTimestamp - firstTimestamp;
             std::chrono::microseconds barrier =  timeIntervalCounter*timeInterval;
             if(currentCaptureDuration>barrier){                    
-                stats.addIntervalStat(timeInterval, intervalStartTimestamp, lastPktTimestamp, previousPacketCount);
+                stats.addIntervalStat(timeInterval, intervalStartTimestamp, lastPktTimestamp, previousPacketCount, previousSumPacketSize);
                 timeIntervalCounter++;   
                 intervalStartTimestamp = lastPktTimestamp;
                 previousPacketCount = stats.getPacketCount();
+                previousSumPacketSize = stats.getSumPacketSize();
             }
             
             std::cout << "Aidmar: addIntervalStat + getPacketCount" << std::endl;

code_boost/src/cxx/statistics.cpp

@@ -161,7 +161,7 @@ void statistics::calculateIPIntervalPacketRate(std::chrono::duration<int, std::m
  * @param intervalEndTimestamp The timstamp where the interval ends.
  * @param previousPacketCount The total number of packets in last interval.
  */
-void statistics::addIntervalStat(std::chrono::duration<int, std::micro> interval, std::chrono::microseconds intervalStartTimestamp, std::chrono::microseconds intervalEndTimestamp, int previousPacketCount){
+void statistics::addIntervalStat(std::chrono::duration<int, std::micro> interval, std::chrono::microseconds intervalStartTimestamp, std::chrono::microseconds intervalEndTimestamp, int previousPacketCount, float previousSumPacketSize){
     // Add packet rate for each IP to ip_statistics map
     calculateIPIntervalPacketRate(interval, intervalStartTimestamp);
     
@@ -170,6 +170,8 @@ void statistics::addIntervalStat(std::chrono::duration<int, std::micro> interval
     std::string lastPktTimestamp_s = std::to_string(intervalEndTimestamp.count());
     
     interval_statistics[lastPktTimestamp_s].pkts_count = packetCount - previousPacketCount;  
+    interval_statistics[lastPktTimestamp_s].kbytes = (float(sumPacketSize - previousSumPacketSize) / 1024) ;
+    
     if(ipEntopies.size()>1){
         interval_statistics[lastPktTimestamp_s].ip_src_entropy = ipEntopies[0];
         interval_statistics[lastPktTimestamp_s].ip_dst_entropy = ipEntopies[1];
@@ -479,6 +481,12 @@ Tins::Timestamp statistics::getTimestampLastPacket() {
 int statistics::getPacketCount() {
     return packetCount;
 }
+/**
+ * Getter for the sumPacketSize field.
+ */
+int statistics::getSumPacketSize() {
+    return sumPacketSize;
+}
 
 
 /**

code_boost/src/cxx/statistics.h

@@ -184,6 +184,7 @@ struct entry_ipStat {
  */
 struct entry_intervalStat {
     int pkts_count;
+    float kbytes;
     float ip_src_entropy; 
     float ip_dst_entropy;
     float ip_src_cum_entropy; 
@@ -195,6 +196,7 @@ struct entry_intervalStat {
 
     bool operator==(const entry_intervalStat &other) const {
         return pkts_count == other.pkts_count
+               && kbytes == other.kbytes
                && ip_src_entropy == other.ip_src_entropy
                && ip_dst_entropy == other.ip_dst_entropy
                && ip_src_cum_entropy == other.ip_src_cum_entropy
@@ -346,7 +348,7 @@ public:
     void addConvStat(std::string ipAddressSender,int sport,std::string ipAddressReceiver,int dport, std::chrono::microseconds timestamp);
     std::vector<float> calculateIPsCumEntropy();
     std::vector<float> calculateLastIntervalIPsEntropy(std::chrono::microseconds intervalStartTimestamp);        
-    void addIntervalStat(std::chrono::duration<int, std::micro> interval, std::chrono::microseconds intervalStartTimestamp, std::chrono::microseconds lastPktTimestamp, int previousPacketCount);
+    void addIntervalStat(std::chrono::duration<int, std::micro> interval, std::chrono::microseconds intervalStartTimestamp, std::chrono::microseconds lastPktTimestamp, int previousPacketCount, float previousSumPacketSize);
 
     void incrementTTLcount(std::string ipAddress, int ttlValue);
 
@@ -370,6 +372,7 @@ public:
     // Aidmar
     void addIpStat_packetSent(std::string filePath, std::string ipAddressSender, std::string ipAddressReceiver, long bytesSent, std::chrono::microseconds timestamp);
     int getPacketCount();
+    int getSumPacketSize();
 
     void addMSS(std::string ipAddress, int MSSvalue);
 

code_boost/src/cxx/statistics_db.cpp

@@ -32,7 +32,7 @@ void statistics_db::writeStatisticsIP(std::unordered_map<std::string, entry_ipSt
                 "kbytesSent REAL, "
                 "maxPktRate REAL,"
                 "minPktRate REAL,"
-                "class TEXT, "
+                "ipClass TEXT, "
                 "srcAnomalyScore REAL, "
                 "dstAnomalyScore REAL, "
                 "PRIMARY KEY(ipAddress));";
@@ -378,7 +378,7 @@ void statistics_db::writeStatisticsInterval(std::unordered_map<std::string, entr
         db->exec("DROP TABLE IF EXISTS interval_statistics");
         SQLite::Transaction transaction(*db);
         const char *createTable = "CREATE TABLE interval_statistics ("
-                "timestamp TEXT,"
+                "lastPktTimestamp TEXT,"
                 "pktsCount INTEGER,"
                 "ipSrcEntropy REAL,"      
                 "ipDstEntropy REAL,"